Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
File:                     aBFGMD9XUewN_C71R6qyR69OaB8.mft (raw, json)
Hash identifier:          HrcZqS/zVN242J0UnsxRy2spHRnrNvYo6/sldfWkYCU=
Subject key identifier:   AD:6D:A4:C0:AF:FF:51:23:84:BA:C8:91:D5:1D:B7:EA:99:A6:8A:B6
Authority key identifier: 68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F
Certificate issuer:       /CN=681146303f5751ec0dfc2ef547aab247af4e681f
Certificate serial:       019D2704319D75FE169FE574913FAA9868BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
Manifest number:          0F66
Signing time:             Wed 25 Mar 2026 22:01:19 +0000
Manifest this update:     Wed 25 Mar 2026 22:01:19 +0000
Manifest next update:     Thu 26 Mar 2026 22:01:19 +0000
Files and hashes:         1: aBFGMD9XUewN_C71R6qyR69OaB8.crl (hash: USGmZ2x/YwKJYkVmIsPaBLb1ZBkM3fD2LdATIIK6vp8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 26 Mar 2026 15:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:27:04:31:9d:75:fe:16:9f:e5:74:91:3f:aa:98:68:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=681146303f5751ec0dfc2ef547aab247af4e681f
        Validity
            Not Before: Mar 25 22:01:19 2026 GMT
            Not After : Mar 26 22:01:19 2026 GMT
        Subject: CN=ad6da4c0afff512384bac891d51db7ea99a68ab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:0e:9d:de:e9:89:55:aa:6a:b1:8d:d7:89:49:
                    7e:b1:81:07:4a:ba:3b:d6:df:60:20:a8:e3:0b:7e:
                    db:90:41:62:73:6d:39:e1:8f:5d:c1:e7:c5:37:42:
                    bb:a9:f9:c1:98:00:4d:0a:e3:c6:1e:b8:b1:5f:3e:
                    fd:95:c6:c3:a5:cd:68:c3:fa:99:ab:4d:69:b4:c8:
                    d5:cb:ce:4c:ab:5e:5d:7e:70:7e:71:2a:96:4b:94:
                    06:3a:85:0f:14:97:aa:84:12:b3:f6:5b:f8:9c:e2:
                    db:7e:3f:72:bd:63:0c:19:43:d4:54:2f:3b:12:96:
                    dd:08:62:11:33:1f:8d:a7:b1:9b:21:16:67:1d:d9:
                    22:ef:75:03:bf:10:c6:12:e0:57:6f:c1:11:f7:c9:
                    34:ac:b6:d7:05:44:a1:52:0f:4e:4a:84:44:42:83:
                    de:23:83:ee:0a:f9:8f:da:0d:1c:da:ad:30:87:47:
                    71:23:93:85:b0:ee:f7:60:79:1a:dd:a3:98:37:2e:
                    94:52:a5:94:f4:fd:5e:ae:30:00:24:ca:27:34:15:
                    3a:95:47:68:ce:d3:57:a6:6a:cf:5c:ad:53:08:fc:
                    d8:31:3f:97:a9:93:e8:6c:72:93:a4:68:b5:b8:5b:
                    7e:86:90:a2:ae:36:50:d0:47:d4:e3:c7:d0:82:f9:
                    a6:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:6D:A4:C0:AF:FF:51:23:84:BA:C8:91:D5:1D:B7:EA:99:A6:8A:B6
            X509v3 Authority Key Identifier:
                keyid:68:11:46:30:3F:57:51:EC:0D:FC:2E:F5:47:AA:B2:47:AF:4E:68:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBFGMD9XUewN_C71R6qyR69OaB8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d938dc-00c4-4680-9944-4a3733f4722b/1/aBFGMD9XUewN_C71R6qyR69OaB8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:96:0a:61:29:c9:a7:e5:67:75:26:67:5e:9e:ec:94:9a:32:
         cf:05:37:c4:20:ce:b9:a3:1d:2e:37:01:08:d6:ec:a2:21:1a:
         b5:ef:dd:c9:b1:a3:20:b2:c3:ea:d4:68:9b:87:5b:82:10:f9:
         00:e1:a2:f8:97:a9:37:da:ea:a0:d5:02:55:39:9c:c5:e6:9a:
         f8:85:73:0e:e4:bd:e8:57:e0:e7:69:22:68:e0:4a:65:07:b3:
         68:03:ea:74:1e:73:da:ef:dc:e5:1c:5f:39:2f:98:b2:68:c5:
         0f:c2:27:86:20:2e:6e:c6:1c:3e:14:74:72:43:01:d5:23:9f:
         32:a6:04:ac:6d:23:ce:19:95:32:02:8b:f3:81:ee:a8:a6:bd:
         a1:04:79:50:99:d8:da:75:3d:0a:7f:7d:bf:df:72:db:6d:e3:
         ff:5b:97:3d:28:81:36:34:0a:ee:63:bc:10:c5:78:ef:6b:0a:
         25:69:2f:5d:d4:38:71:54:0f:0a:0c:4c:01:84:1d:7d:2f:5c:
         68:6d:b5:80:d0:63:6c:88:b0:77:f0:1f:a5:89:e0:a5:9f:de:
         cf:9f:8d:f2:1f:1d:ea:ca:87:0c:5c:20:9c:6b:ec:84:a8:89:
         b6:5f:fc:9d:e4:3d:8c:51:74:e2:7e:53:74:33:16:59:78:ea:
         5b:7f:0c:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBDGddf4Wn+V0kT+qmGi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTE0NjMwM2Y1NzUxZWMwZGZjMmVmNTQ3YWFiMjQ3YWY0
ZTY4MWYwHhcNMjYwMzI1MjIwMTE5WhcNMjYwMzI2MjIwMTE5WjAzMTEwLwYDVQQD
EyhhZDZkYTRjMGFmZmY1MTIzODRiYWM4OTFkNTFkYjdlYTk5YTY4YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA6d3umJVapqsY3XiUl+sYEHSro7
1t9gIKjjC37bkEFic2054Y9dwefFN0K7qfnBmABNCuPGHrixXz79lcbDpc1ow/qZ
q01ptMjVy85Mq15dfnB+cSqWS5QGOoUPFJeqhBKz9lv4nOLbfj9yvWMMGUPUVC87
EpbdCGIRMx+Np7GbIRZnHdki73UDvxDGEuBXb8ER98k0rLbXBUShUg9OSoREQoPe
I4PuCvmP2g0c2q0wh0dxI5OFsO73YHka3aOYNy6UUqWU9P1erjAAJMonNBU6lUdo
ztNXpmrPXK1TCPzYMT+XqZPobHKTpGi1uFt+hpCirjZQ0EfU48fQgvmmuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK1tpMCv/1EjhLrIkdUdt+qZpoq2MB8GA1UdIwQY
MBaAFGgRRjA/V1HsDfwu9UeqskevTmgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQt
NGEzNzMzZjQ3MjJiLzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kOTM4ZGMtMDBjNC00NjgwLTk5NDQtNGEzNzMzZjQ3MjJi
LzEvYUJGR01EOVhVZXdOX0M3MVI2cXlSNjlPYUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADJYKYSnJ
p+VndSZnXp7slJoyzwU3xCDOuaMdLjcBCNbsoiEate/dybGjILLD6tRom4dbghD5
AOGi+JepN9rqoNUCVTmcxeaa+IVzDuS96Ffg52kiaOBKZQezaAPqdB5z2u/c5Rxf
OS+YsmjFD8InhiAubsYcPhR0ckMB1SOfMqYErG0jzhmVMgKL84HuqKa9oQR5UJnY
2nU9Cn99v99y223j/1uXPSiBNjQK7mO8EMV472sKJWkvXdQ4cVQPCgxMAYQdfS9c
aG21gNBjbIiwd/AfpYngpZ/ez5+N8h8d6sqHDFwgnGvshKiJtl/8neQ9jFF04n5T
dDMWWXjqW38MJA==
-----END CERTIFICATE-----